Secure File Transfer Using USB
|
|
- Asher Dixon
- 8 years ago
- Views:
Transcription
1 International Journal of Scientific and Research Publications, Volume 2, Issue 4, April Secure File Transfer Using USB Prof. R. M. Goudar, Tushar Jagdale, Ketan Kakade, Amol Kargal, Darshan Marode Computer Department, Abstract- Universal Serial Bus (USB) devices are high transmission speed external devices. USB is the speediest external device available today. The access to USB is very simple, convenient and fast compared to other external devices such as CD, DVD, Floppy drive etc. Thus USB have become most popular interface standard for hardware connection. But from security point of view, USB devices lacks security as no user is restricted to access USB device. If we restrict the use of USB devices, then the data access through external devices would be as chaotic as before. Thus a system which would provide fast access as well as security is required. In this paper, we propose a system which deals with mutual authentication and key agreement in order to provide security for access through USB devices. Index Terms- Authentication, USB, Cryptography U I. INTRODUCTION SB devices are well known for the speed they provide while accessing data through them. The USB devices are easy to connect. Thus USB devices provides with speed as well as easiness. This high transmission speed devices are more convenient than any other external devices. But USB device lacks security. There is no authentication process provided by USB. Thus USB devices are very insecure. USB can be considered as an unprotected gate, through which any data can be transferred without authentication. This is a serious problem when it comes to security of important data stored in the computers. One way to avoid this is to block all USB ports. But then no user will be able to access the information through USB ports. This will again cause the data transfer to be slow as it was in earlier days. Even we cannot ignore the security issues of USB. In many applications such as business or bank applications, the data should be securely stored in PC s and should be accessible to valid users only. Also the system should be fast enough to cope with today s competitive world. Thus system should provide USB access to valid users but should also restrict unauthorised users to transfer the files stored in PC s by providing mutual authentication. The data stored in USB devices is first encrypted and then stored in USB devices. This is useful to secure files in case the USB device is lost or stolen malevolently. The data is thus secure due to encryption. For key agreement, we used the key exchange agreement proposed by Rivest, Shamir and Adleman. The objective of using RSA for key exchange is that the key generated by the Authentication server (AS) must be transferred to client safely when the two sides try to communicate. Subsequently, the keys generated by RSA algorithm can be used for encrypting a message for transmission. However, this protocol is subject to man-in-the-middle attacks. Suppose an attacker exists between the sending end and the receiving end. The attacker poses as the sending end to transmit a public key exponent and modulus to the receiving end; without identity confirmation, the receiving end cannot ensure that this message is sent from the sending end. Many scholars have recently presented solutions to this problem. The most widely adopted of these is that of using a user password for identity confirmation on the two sides. We developed a system based on password verification that combined Schnorr s digital signature scheme and the RSA algorithm to realize system security and convenience. Section II explains about the current trends and practices in providing security which is followed by section III which provides general description about various cryptographic algorithms. Section IV contains System design and parameters used and section V contains Security analysis which explains security of system with respect to some general attacks. II. SYSTEM OVERVIEW In this proposed system, we have designed a control protocol which would provide security to USB devices along with speed. The proposed system implements user authentication and key exchange agreement. User authentication is done by providing username and password to the user during registration phase of the system. Thus each user should be first registered to the system before any access to the USB devices. Thus user needs username and password to achieve mutual authentication with the system. Every time, the USB device is connected to the system, the user is first verified to check whether the user is valid or not. If he is a valid user then he is able to access the USB device. All files stored on the USB device are first encrypted using a key which is generated every time in verification process. The user has to acquire same session key at the time of decryption of the files stored on the USB devices so as to open or read the files. For each file a unique session key is generated based on username, password, filename and private key of AS. The proposed system is very secure as only valid users can access the USB devices. This is provided by using username and password to valid users during registration phase. Even if the USB device is lost, then the files stored in USB devices are encrypted and thus cannot be decrypted without keys used at the time of encryption. The legal user, if wants to distribute files to
2 International Journal of Scientific and Research Publications, Volume 2, Issue 4, April other peoples malevolently, then also the file is secure, as legal file owner cannot obtain agreement key used for decryption until authentication server suspends his account. CHARACTERI STIC SYMMETRIC KEY CRYPTOGRA PHY ASYMMETRIC KEY CRYPTOGRAP HY Key Used Public Public and Private Speed Very Fast Slow Size of Resulting Ciphertext Same/Less than Plain text More than Plain text Key Agreement Big Problem No problem at all Used for Encryption/Decr yption Encryption/Decr yption and digital signature Table 1: Difference between Symmetric and Asymmetric Cryptography In this proposed system, we will be using asymmetric cryptography as it provides secure key exchange agreement. The differences among various asymmetric algorithms are given in Table 2. [2] Figure 1: Overview of System The operational flow of the system is as shown in figure 1. User first inserts a USB device. The system then forces user to pass through authentication process in order to access USB device. The user is thus forced to input username and password. This username and password is verified by authentication server called as AS. If the username and password is matches, then the person is valid user and thus AS provides him with the session key. If username and password does not match, then the user is invalid and is restricted to access USB device. The session key which is acquired by the valid user is used to encrypt the file to be stored in USB devices. This file is then stored on USB device securely. In order to decrypt the file, user has to go through the same verification process mentioned above. CHARACTE RISTIC Proposed By Speed Primarily used for DIFFIE- HELLMAN Whitfield Diffie and Martin Hellman Fast in Key and slow in verification Key and Encryption/ Decryption RSA Rivest, Shamir and Adleman Slow in Key and fast in verification Key and Encryption/ Decryption DSA NIST Fast in Key and very slow in verification Key III. CRYPTOGRAPHIC ALGORITHMS Encryption algorithm is used to encrypt/decrypt the files in order to save them on USB devices. This provides security to files in case the USB device is lost. In general, there are two types of encryption algorithms used in cryptography. They are symmetric and asymmetric algorithms. Symmetric encryption algorithm includes AES(Advanced Encryption Standards), DES(Data Encryption Standards), IDEA(International Data Encryption Algorithm), Triple-DES etc whereas Asymmetric encryption algorithm includes Diffie- Hellman, RSA(Rivest, Shamir and Adleman), DSA(Digital Signature Algorithm) etc. Hybrid algorithm is formed by combining Symmetric and Asymmetric algorithms depending on their pros and cons. [1] The difference between Symmetric and Asymmetric algorithms is listed below in Table 1. [2] Table 2: Difference among Diffie-Hellman, RSA and DSA Algorithm In this proposed system, we will be using RSA algorithm which was developed in MIT by Rivest, Shamir and Adleman in 1977 and first published in It will be used for only key exchange agreement. For mutual authentication, we will be using Digital Signature proposed by Schnorr in A. RSA Algorithm Key 1. Choose two distinct large prime numbers p and q. 2. Compute n = pq where n is used as modulus. 3. Compute φ(n) = (p - 1)(q - 1), where φ is Euler s totient function. 4. Choose an integer e such that 1 < e < φ(n) and e and φ(n) are co-prime. e is released as the public key exponent.
3 International Journal of Scientific and Research Publications, Volume 2, Issue 4, April Determine d = e 1 mod φ(n) i.e. compute d given (d*e)mod φ(n) = 1. d is kept as the private key exponent. 6. The public key consists of the modulus n and the public (or encryption) exponent e. The private key consists of the modulus n and the private (or decryption) exponent d which must be kept secret. Encryption 1. Message M is to be transmitted. 2. Convert M into an integer m, such that 0 < m < n by padding scheme then computes the ciphertext c corresponding to c = m e (mod n). 3. Then transmits c. Decryption 1. Recover m from c by using private key exponent d via computing m = c d (mod n). 2. Given m, we can recover the original message M by reversing the padding scheme. B. Digital Signature Schnorr signature scheme is used to limit the number of signatures. Schnorr signature scheme employs a subgroup of order q in Z*p, where p is some large prime number. The method also requires a hash function H : {0, 1}* > Zq. Key Algorithm 1. Select prime numbers q and p with the property that q divides (p 1). 2. Select a random integer x such that 1 x q Compute y = g x mod p. 4. A s public key is (p, q, α, y), and A s secret key is x. 3. id, pw : User account (user name) and password. 4. x, Y: Server's private key and public key; Y = gx mod p. 5. h(.), H(.) : One way collision-resistant hash functions; h(.) maps arbitrarily long strings to strings of fixed length, and H(.) maps to elements of the cyclic group G. 6. : Concatenate operate. 7. Fn : Filename for encryption. 8. File : File for encryption. 9. EK[.] : Symmetric encryption function with respect to a key K. 10. DK[.] : Symmetric decryption function with respect to a key K. B. Registration Phase A user needs to register with the system before accessing the USB device. During the registration phase, the user first inserts a USB storage device and then chooses one set of id and pw. The pw is substituted into the one way hash function to calculate hpw = H(pw), and then id and hpw are sent to the authentication server. When receiving this registration message, the server will choose a random number k and generate r = hpw k mod p and r1 = g k mod p. It then computes e = h(id r r1), use its private key x to calculate s = (k - e. x) mod q, and save (e, s) to the user s storage device. After receiving the triplet (e, r, s), the user checks whether e is equal to h(id r g s y e mod p) [5]. A valid check concludes the registration phase. Data transmission in this phase is done under a secure channel. In addition, in order to avoid password guessing attacks, the protocol will force the user to choose password with sufficient complexity. Signature Algorithm 1. Select a random secret integer k, 1 k q 1 2. Compute r = g k mod p, e = H(m r), and s = x e + k mod q 3. A s signature for m is the pair (s, e). Signature Verification 1. Compute v = g s y e mod p, and ē =H(m v) 2. Accept the signature if and only if e = ē [3][4]. IV. SYSTEM DESIGN User has to first register to the system. After registration phase, when user connects USB device and have to go throw verification and data encryption phase where session key will be generated which is used to encrypt/decrypt file. A. Parameters and Symbols 1. p, q : Two large primes p and q, where q p g, G : g is an element chosen from Z*p and having an order of q; G is the cyclic group generated by g. Figure 3: Registration Phase
4 International Journal of Scientific and Research Publications, Volume 2, Issue 4, April C. Verification and Data Encryption Phase Figure 4: Verification and Data Encryption Phase After completing the registration phase, and when accessing the USB storage device, the user needs to achieve mutual authentication with the authentication server using the id and pwd, which generates an encryption key. The communication procedure is described in detail below Figure 4 shows the full procedure of verification and data encryption phase. Step 1: The user attaches the USB storage device to a computer through a normal procedure and inputs the correct id and pw. At this moment, the user (client) will use pw to calculate hpw using the one way hash function H(.). Then the user chooses a random large prime numbers pk and qk and calculate modulus n=pk.qk. Euler s totient function Ф(n)=(pk-1)(qk-1) is also calculated. Public key exponent ek co-prime with Ф(n) is chosen such a that 1<ek<Ф(n). Calculates u = hpw. yn mod p. Finally, the user will send messages of {id, Fn, ek, n, u, e, s} to the authentication server. Step 2: After receiving {id, Fn, ek, n, u, e, s}, the AS will use its long term private key x to calculate hpw = u / (y n mod p) and k = s + e. x mod q. Then, the authentication server will employ parameters it generated to verify whether e = h(id hpwk mod p g s y e mod p). If yes, then the user in this communication is legal. If not, the communication is terminated. Subsequently, the authentication server will use the received file name Fn and the long-term private key x to calculate m = h(x Fn), and perform encryption on m, to generate ciphertext c= mek mod n. Finally, the authentication server calculates a message authentication code MAC = h(id hpw m ek) and sends the generated message {c, MAC} to the user. Step 3: After receiving the message {c, MAC}, the user uses the public key exponent ek and Ф(n) to calculate private key exponent dk. m is retrieved by decrypting c using d to calculate a used in generation of session key sk, Next the user will verify whether MAC = h(id hpw m ek). If yes, then mutual authentication is achieved between the user and the authentication server, and the user will calculate a = h(id hpw m) and generate an encryption key sk using the equation sk = (Y) a = g x. a mod p. Step 4: After the user and the authentication server complete these steps, the session key sk can be calculated by sk = gx. a mod p. When
5 International Journal of Scientific and Research Publications, Volume 2, Issue 4, April a user wants to access the storage device via the USB interface, this encryption key, can be used to encrypt the File, i.e., as E sk [File], to protect the file and provide private and secure access to the USB device. For file decryption, the user needs to undergo the same verification steps and obtain the same key sk to decrypt the file (D sk [E sk [File]]) when accessing it on the USB device. V. SECURITY ANALYSIS System Analysis means determining whether the project is economically, socially, technologically and organizationally feasible. Correctness Our protocol will prevent any confidential file loss via USB removal storage device. In our protocol design file transfer via USB interface is blocked till the user does not passes through authentication procedure. If the user is valid then the required files are transferred to peripheral device (USB) in encrypted format. The key used for encryption is computed using Username, Password and filename. After encryption if user want to read that file he has to first decrypt it. For decryption, user has to go through same authentication procedure and have to obtain same key used for encryption. Offline password guessing If the USB is lost or stolen, yet USB access is restricted as for decryption, username and password is required. Thus preventing confidential data stored in USB device. If user tries to guess password, it will be hard to him as it includes solving Discrete Logarithmic Problem [6]. Discrete Logarithmic problem 1. In verification and data encryption phase if attacker tries to guess the value of parameter for that he has to pass through Discrete Logarithmic Problem. 2. Discrete Logarithmic problem where variable have number of solution. 3. eg: X%2=1; to get answer as 1,X having number of value(x=3,5,7,... ) Session Key is generated for each verification message in our protocol. Without knowing p k and q k and private key x, attacker cannot decrypt the file. So our protocol resists offline password attack [7]. Replay attack and Stolen verifier attack If attacker tries to use a captured wiretap login message and he get some parameter but he don't know p k and q k, means he don't know m used to calculate session key sk. Even though he finds session key still password is required, therefore our protocol can resist the stolen verifier attack [8]. VI. CONCLUSION The Proposed System has a secure and efficient control protocol for USB ports. The protocol employs a remote authentication server to verify legal users and uses the Cryptographic algorithm to implement key exchange agreement to protect the privacy of a file transmitted to a storage device. Also the proposed system can resist some general attacks. In terms of protocol communication costs, realizing mutual authentication requires only two rounds of communication sessions. Therefore, the proposed system provides an effective control protocol for USB storage devices which is both secure and efficient. ACKNOWLEDGMENT We would like to express our gratitude towards a number of people whose support and consideration has been an invaluable asset during the course of this work. REFERENCES [1] W. Diffie and M. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, Vol. 22, No. 6, pp , [2] Gustavus J. Simmons, Symmetric and Asymmetric Encryption, Computing Surveys, Vol. 11, No. 4, December [3] Chul-Joon Choi, Zeen Kim and Kwangjo Kim Schnorr Signature Scheme with Restricted Signing Capability and Its Application. [4] R. Rivest, A. Shamir, and L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, Vol. 21, No. 2, pp , [5] Hyun Sook Rhee, Jeong Ok Kwon, and Dong Hoon Lee, A remote user authentication scheme without using smart cards, Computer Standards & Interfaces, Vol. 31, No. 1, pp. 6-13, [6] Mrs. C. Shoba Bindu, Dr P. Chandra Sekhar Reddy and Dr B.Satyanarayana, Improved Remote User Authentication Scheme Preserving User Anonymity, International Journal of Computer Science and Network Security, VOL.8 No.3, March [7] T. A. ElGamal, A public-key cryptosystem and a signature scheme based on discrete logarithms, IEEE Transactions on Information Theory, Vol. 31, No. 4, pp , [8] Lu Zhu, Sheng Yu and Xing Zhang, Improvement Upon Mutual Password Authentication Scheme, /08 IEEE DOI /ISBIM, AUTHORS First Author Prof. R. M. Goudar, Computer Department, rmgoudar66@gmail.com Second Author Tushar Jagdale, Computer Department, jgdtushar@gmail.com Third Author Ketan Kakade, Computer Department, ketankakade8@gmail.com Forth Author Amol Kargal, Computer Department, aakargal@gmail.com
6 International Journal of Scientific and Research Publications, Volume 2, Issue 4, April Fifth Author Darshan Marode, Computer Department, darshanmarode@gmail.com
CSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationSoftware Tool for Implementing RSA Algorithm
Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the most-common used algorithms for public-key
More informationPublic Key (asymmetric) Cryptography
Public-Key Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,
More informationApplication of Automatic Variable Password Technique in Das s Remote System Authentication Scheme Using Smart Card
Application of Automatic Variable Password Technique in Das s Remote System Authentication Scheme Using Smart Card C. Koner, Member, IACSIT, C. T. Bhunia, Sr. Member, IEEE and U. Maulik, Sr. Member, IEEE
More informationOverview of Public-Key Cryptography
CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows
More informationMANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS
INTERNATIONAL JOURNAL OF ADVANCED RESEARCH IN ENGINEERING AND SCIENCE MANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS Kanchupati Kondaiah 1, B.Sudhakar 2 1 M.Tech Student, Dept of CSE,
More informationSECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES
www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,
More informationApplied Cryptography Public Key Algorithms
Applied Cryptography Public Key Algorithms Sape J. Mullender Huygens Systems Research Laboratory Universiteit Twente Enschede 1 Public Key Cryptography Independently invented by Whitfield Diffie & Martin
More informationPublic Key Cryptography. c Eli Biham - March 30, 2011 258 Public Key Cryptography
Public Key Cryptography c Eli Biham - March 30, 2011 258 Public Key Cryptography Key Exchange All the ciphers mentioned previously require keys known a-priori to all the users, before they can encrypt
More information7! Cryptographic Techniques! A Brief Introduction
7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationCapture Resilient ElGamal Signature Protocols
Capture Resilient ElGamal Signature Protocols Hüseyin Acan 1, Kamer Kaya 2,, and Ali Aydın Selçuk 2 1 Bilkent University, Department of Mathematics acan@fen.bilkent.edu.tr 2 Bilkent University, Department
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationCryptography and Network Security Chapter 9
Cryptography and Network Security Chapter 9 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names,
More informationSecure Network Communication Part II II Public Key Cryptography. Public Key Cryptography
Kommunikationssysteme (KSy) - Block 8 Secure Network Communication Part II II Public Key Cryptography Dr. Andreas Steffen 2000-2001 A. Steffen, 28.03.2001, KSy_RSA.ppt 1 Secure Key Distribution Problem
More informationEfficient Nonce-based Authentication Scheme for. session initiation protocol
International Journal of Network Security, Vol.9, No.1, PP.12 16, July 2009 12 Efficient Nonce-based Authentication for Session Initiation Protocol Jia Lun Tsai Degree Program for E-learning, Department
More informationNetwork Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide
Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead
More informationThe Mathematics of the RSA Public-Key Cryptosystem
The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through
More informationPublic Key Cryptography Overview
Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic
More informationLecture 6 - Cryptography
Lecture 6 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07 Question 2 Setup: Assume you and I don t know anything about
More informationDigital Signatures. Murat Kantarcioglu. Based on Prof. Li s Slides. Digital Signatures: The Problem
Digital Signatures Murat Kantarcioglu Based on Prof. Li s Slides Digital Signatures: The Problem Consider the real-life example where a person pays by credit card and signs a bill; the seller verifies
More informationA Novel Approach to combine Public-key encryption with Symmetric-key encryption
Volume 1, No. 4, June 2012 ISSN 2278-1080 The International Journal of Computer Science & Applications (TIJCSA) RESEARCH PAPER Available Online at http://www.journalofcomputerscience.com/ A Novel Approach
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography
More informationAuthentication Protocols Using Hoover-Kausik s Software Token *
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 22, 691-699 (2006) Short Paper Authentication Protocols Using Hoover-Kausik s Software Token * WEI-CHI KU AND HUI-LUNG LEE + Department of Computer Science
More informationA More Robust Authentication Scheme for Roaming Service in Global Mobility Networks Using ECC
International Journal of Network Security, Vol.18, No.2, PP.217-223, Mar. 2016 217 A More Robust Authentication Scheme for Roaming Service in Global Mobility Networks Using ECC Dianli Guo and Fengtong
More informationFinal Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket
IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles
More information1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies
1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?
More informationCloud Security and Algorithms: A Review Divya saraswat 1, Dr. Pooja Tripathi 2 1
Cloud Security and Algorithms: A Review Divya saraswat 1, Dr. Pooja Tripathi 2 1 M.Tech Dept. of Computer Science, IPEC, Ghaziabad, U.P. 2 Professor, Dept. of Computer science, IPEC, Ghaziabad, U.P. Abstract:
More informationPublic Key Cryptography of Digital Signatures
ACTA UNIVERSITATIS APULENSIS No 13/2007 MATHEMATICAL FOUNDATION OF DIGITAL SIGNATURES Daniela Bojan and Sidonia Vultur Abstract.The new services available on the Internet have born the necessity of a permanent
More informationNetwork Security. Chapter 2 Basics 2.2 Public Key Cryptography. Public Key Cryptography. Public Key Cryptography
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Encryption/Decryption using Public Key Cryptography Network Security Chapter 2 Basics 2.2 Public Key Cryptography
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationPeer-to-Peer Networks Anonymity (1st part) 8th Week
Peer-to-Peer Networks Anonymity (1st part) 8th Week Department of Computer Science 1 Motivation Society Free speech is only possible if the speaker does not suffer negative consequences Thus, only an anonymous
More informationMathematical Model Based Total Security System with Qualitative and Quantitative Data of Human
Int Jr of Mathematics Sciences & Applications Vol3, No1, January-June 2013 Copyright Mind Reader Publications ISSN No: 2230-9888 wwwjournalshubcom Mathematical Model Based Total Security System with Qualitative
More informationEfficient nonce-based authentication scheme for Session Initiation Protocol
Efficient nonce-based authentication scheme for Session Initiation Protocol Jia Lun Tsai National Chiao Tung University, Taiwan, R.O.C. crousekimo@yahoo.com.tw Abstract: In recent years, Session Initiation
More informationCryptography and Network Security
Cryptography and Network Security Fifth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared
More informationDigital Signatures. Meka N.L.Sneha. Indiana State University. nmeka@sycamores.indstate.edu. October 2015
Digital Signatures Meka N.L.Sneha Indiana State University nmeka@sycamores.indstate.edu October 2015 1 Introduction Digital Signatures are the most trusted way to get documents signed online. A digital
More informationAnalysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud
Analysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud M.Jayanthi, Assistant Professor, Hod of MCA.E mail: badini_jayanthi@yahoo.co.in MahatmaGandhi University,Nalgonda, INDIA. B.Ranganatha
More informationElements of Applied Cryptography Public key encryption
Network Security Elements of Applied Cryptography Public key encryption Public key cryptosystem RSA and the factorization problem RSA in practice Other asymmetric ciphers Asymmetric Encryption Scheme Let
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationLecture 9: Application of Cryptography
Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that
More informationTable of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch
1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationOutline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures
Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationNetwork Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering
Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:
More informationSymmetric Key cryptosystem
SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single
More informationEXAM questions for the course TTM4135 - Information Security May 2013. Part 1
EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationPublic Key Cryptography and RSA. Review: Number Theory Basics
Public Key Cryptography and RSA Murat Kantarcioglu Based on Prof. Ninghui Li s Slides Review: Number Theory Basics Definition An integer n > 1 is called a prime number if its positive divisors are 1 and
More informationSoftware Implementation of Gong-Harn Public-key Cryptosystem and Analysis
Software Implementation of Gong-Harn Public-key Cryptosystem and Analysis by Susana Sin A thesis presented to the University of Waterloo in fulfilment of the thesis requirement for the degree of Master
More informationDigital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University
Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate
More informationIntroduction to Cryptography CS 355
Introduction to Cryptography CS 355 Lecture 30 Digital Signatures CS 355 Fall 2005 / Lecture 30 1 Announcements Wednesday s lecture cancelled Friday will be guest lecture by Prof. Cristina Nita- Rotaru
More informationSeparable & Secure Data Hiding & Image Encryption Using Hybrid Cryptography
502 Separable & Secure Data Hiding & Image Encryption Using Hybrid Cryptography 1 Vinay Wadekar, 2 Ajinkya Jadhavrao, 3 Sharad Ghule, 4 Akshay Kapse 1,2,3,4 Computer Engineering, University Of Pune, Pune,
More informationLukasz Pater CMMS Administrator and Developer
Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign
More informationNotes on Network Security Prof. Hemant K. Soni
Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications
More informationData Grid Privacy and Secure Storage Service in Cloud Computing
Data Grid Privacy and Secure Storage Service in Cloud Computing L.Revathi 1, S.Karthikeyan 2 1 Research Scholar, Department of Computer Applications, Dr. M.G.R. Educational and Research Institute University,
More informationSECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER
SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER Mrs. P.Venkateswari Assistant Professor / CSE Erode Sengunthar Engineering College, Thudupathi ABSTRACT Nowadays Communication
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationAN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES
HYBRID RSA-AES ENCRYPTION FOR WEB SERVICES AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES Kalyani Ganesh
More informationSecuring MANET Using Diffie Hellman Digital Signature Scheme
Securing MANET Using Diffie Hellman Digital Signature Scheme Karamvir Singh 1, Harmanjot Singh 2 1 Research Scholar, ECE Department, Punjabi University, Patiala, Punjab, India 1 Karanvirk09@gmail.com 2
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationVoteID 2011 Internet Voting System with Cast as Intended Verification
VoteID 2011 Internet Voting System with Cast as Intended Verification September 2011 VP R&D Jordi Puiggali@scytl.com Index Introduction Proposal Security Conclusions 2. Introduction Client computers could
More informationEvaluation of Digital Signature Process
Evaluation of Digital Signature Process Emil SIMION, Ph. D. email: esimion@fmi.unibuc.ro Agenda Evaluation of digital signatures schemes: evaluation criteria; security evaluation; security of hash functions;
More informationAssociate Prof. Dr. Victor Onomza Waziri
BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,
More informationEmbedding more security in digital signature system by using combination of public key cryptography and secret sharing scheme
International Journal of Computer Sciences and Engineering Open Access Research Paper Volume-4, Issue-3 E-ISSN: 2347-2693 Embedding more security in digital signature system by using combination of public
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationRSA Attacks. By Abdulaziz Alrasheed and Fatima
RSA Attacks By Abdulaziz Alrasheed and Fatima 1 Introduction Invented by Ron Rivest, Adi Shamir, and Len Adleman [1], the RSA cryptosystem was first revealed in the August 1977 issue of Scientific American.
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationPublic Key Cryptography. Performance Comparison and Benchmarking
Public Key Cryptography Performance Comparison and Benchmarking Tanja Lange Department of Mathematics Technical University of Denmark tanja@hyperelliptic.org 28.08.2006 Tanja Lange Benchmarking p. 1 What
More informationCryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs
Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a
More informationAn Efficient data storage security algorithm using RSA Algorithm
An Efficient data storage security algorithm using RSA Algorithm Amandeep Kaur 1, Sarpreet Singh 2 1 Research fellow, Department of Computer Science and Engineering, Sri Guru Granth Sahib World University,
More informationCryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.
Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public
More informationCIS 433/533 - Computer and Network Security Public Key Crypto/ Cryptographic Protocols
CIS 433/533 - Computer and Network Security Public Key Crypto/ Cryptographic Protocols Professor Kevin Butler Winter 2010 Computer and Information Science Key Distribution/Agreement Key Distribution is
More informationHow To Encrypt Data With Encryption
USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security
More informationPGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO
PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO In The Next 15 Minutes, You May Know What is PGP? Why using PGP? What can it do? How did it evolve? How does it work? How to work it? What s its limitation?
More informationModule: Applied Cryptography. Professor Patrick McDaniel Fall 2010. CSE543 - Introduction to Computer and Network Security
CSE543 - Introduction to Computer and Network Security Module: Applied Cryptography Professor Patrick McDaniel Fall 2010 Page 1 Key Distribution/Agreement Key Distribution is the process where we assign
More informationSFWR ENG 4C03 - Computer Networks & Computer Security
KEY MANAGEMENT SFWR ENG 4C03 - Computer Networks & Computer Security Researcher: Jayesh Patel Student No. 9909040 Revised: April 4, 2005 Introduction Key management deals with the secure generation, distribution,
More informationFinal exam review, Fall 2005 FSU (CIS-5357) Network Security
Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection
More informationJournal of Electronic Banking Systems
Journal of Electronic Banking Systems Vol. 2015 (2015), Article ID 614386, 44 minipages. DOI:10.5171/2015.614386 www.ibimapublishing.com Copyright 2015. Khaled Ahmed Nagaty. Distributed under Creative
More informationIntroduction to Computer Security
Introduction to Computer Security Hash Functions and Digital Signatures Pavel Laskov Wilhelm Schickard Institute for Computer Science Integrity objective in a wide sense Reliability Transmission errors
More informationA Factoring and Discrete Logarithm based Cryptosystem
Int. J. Contemp. Math. Sciences, Vol. 8, 2013, no. 11, 511-517 HIKARI Ltd, www.m-hikari.com A Factoring and Discrete Logarithm based Cryptosystem Abdoul Aziz Ciss and Ahmed Youssef Ecole doctorale de Mathematiques
More informationCIS 5371 Cryptography. 8. Encryption --
CIS 5371 Cryptography p y 8. Encryption -- Asymmetric Techniques Textbook encryption algorithms In this chapter, security (confidentiality) is considered in the following sense: All-or-nothing secrecy.
More information2. Cryptography 2.4 Digital Signatures
DI-FCT-UNL Computer and Network Systems Security Segurança de Sistemas e Redes de Computadores 2010-2011 2. Cryptography 2.4 Digital Signatures 2010, Henrique J. Domingos, DI/FCT/UNL 2.4 Digital Signatures
More informationLecture Note 5 PUBLIC-KEY CRYPTOGRAPHY. Sourav Mukhopadhyay
Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY Sourav Mukhopadhyay Cryptography and Network Security - MA61027 Modern/Public-key cryptography started in 1976 with the publication of the following paper. W. Diffie
More informationImplementing RSA Algorithm in MANET and Comparison with RSA Digital Signature Spinder Kaur 1, Harpreet Kaur 2
Implementing RSA Algorithm in MANET and Comparison with RSA Digital Signature Spinder Kaur 1, Harpreet Kaur 2 1 Research Scholar, Department of Computer Science, Doaba Group of Colleges, Kharar, Punjab,
More informationA New Efficient Digital Signature Scheme Algorithm based on Block cipher
IOSR Journal of Computer Engineering (IOSRJCE) ISSN: 2278-0661, ISBN: 2278-8727Volume 7, Issue 1 (Nov. - Dec. 2012), PP 47-52 A New Efficient Digital Signature Scheme Algorithm based on Block cipher 1
More informationSignature Amortization Technique for Authenticating Delay Sensitive Stream
Signature Amortization Technique for Authenticating Delay Sensitive Stream M Bruntha 1, Dr J. Premalatha Ph.D. 2 1 M.E., 2 Professor, Department of Information Technology, Kongu Engineering College, Perundurai,
More informationSession Initiation Protocol Attacks and Challenges
2012 IACSIT Hong Kong Conferences IPCSIT vol. 29 (2012) (2012) IACSIT Press, Singapore Session Initiation Protocol Attacks and Challenges Hassan Keshavarz +, Mohammad Reza Jabbarpour Sattari and Rafidah
More informationSecure Key Exchange for Cloud Environment Using Cellular Automata with Triple-DES and Error-Detection
Secure Key Exchange for Cloud Environment Using Cellular Automata with Triple-DES and Error-Detection Govinda.K 1, Sathiyamoorthy.E *2, Surbhit Agarwal 3 # SCSE,VIT University Vellore,India 1 kgovinda@vit.ac.in
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice
More information1 Digital Signatures. 1.1 The RSA Function: The eth Power Map on Z n. Crypto: Primitives and Protocols Lecture 6.
1 Digital Signatures A digital signature is a fundamental cryptographic primitive, technologically equivalent to a handwritten signature. In many applications, digital signatures are used as building blocks
More informationAuthentication, digital signatures, PRNG
Multimedia Security Authentication, digital signatures, PRNG Mauro Barni University of Siena Beyond confidentiality Up to now, we have been concerned with protecting message content (i.e. confidentiality)
More informationSecurity Policy Revision Date: 23 April 2009
Security Policy Revision Date: 23 April 2009 Remote Desktop Support Version 3.2.1 or later for Windows Version 3.1.2 or later for Linux and Mac 4 ISL Light Security Policy This section describes the procedure
More informationIntroduction. Digital Signature
Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology
More informationDiscrete logarithms within computer and network security Prof Bill Buchanan, Edinburgh Napier
Discrete logarithms within computer and network security Prof Bill Buchanan, Edinburgh Napier http://asecuritysite.com @billatnapier Introduction. Encryption: Public/Private Key. Key Exchange. Authentication.
More informationCS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay
CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement
More informationSignature Schemes. CSG 252 Fall 2006. Riccardo Pucella
Signature Schemes CSG 252 Fall 2006 Riccardo Pucella Signatures Signatures in real life have a number of properties They specify the person responsible for a document E.g. that it has been produced by
More information